바로가기

Security Alert



Alert – Drupal RCE Exploit: Drupalgeddon2 2018-04-25
Descrip.tion


Drupal security team discovered a highly critical remote code execution vulnerability, dubbed Drupalgeddon2, in its CMS software that could allow attackers to completely take over vulnerable websites. Short after it was publicly released, hackers started exploiting it.


Impact of the vulnerability


Drupalgeddon2 vulnerability allows remote attacker to execute malicious code on Drupal installations CMS without requesting any authentication. As Checkpoint researchers said, an attacker could potentially inject a malicious payload into the internal form structure of Drupal, execute it without user authentication and carry out a full site takeover.


Vulnerable versions


Drupalgeddon2 affects all versions of Drupal from 6 to 8.


Solution: Rw-CSIRT is strongly recommending users to:


• to patch the vulnerability by updating Drupal CMS to 7.58 or 8.5.1 as soon as possible to avoid exploits.


Affected users should: Affected users should contact RW-CSIRT: Call 4045 or write to security@rdb.rw to help for analyzing the source of the incident and recommendation.


References:


1. https://thehackernews.com/2018/04/drupal-rce-exploit-code.html
2. https://www.drupal.org/sa-core-2018-002
3. https://blog.securityevaluators.com/critical-remote-code-execution-vulnerability-found-in-drupal-cve-2018-7600-162f0a863f4
- Previous
- Next Alert-SamSam Ransomware
list